EP0615192A1 - Procédé et appareil de traversée d'objet adaptés à une mémoire structurée formée d'objets enchaînés - Google Patents

Procédé et appareil de traversée d'objet adaptés à une mémoire structurée formée d'objets enchaînés Download PDF

Info

Publication number
EP0615192A1
EP0615192A1 EP94103585A EP94103585A EP0615192A1 EP 0615192 A1 EP0615192 A1 EP 0615192A1 EP 94103585 A EP94103585 A EP 94103585A EP 94103585 A EP94103585 A EP 94103585A EP 0615192 A1 EP0615192 A1 EP 0615192A1
Authority
EP
European Patent Office
Prior art keywords
traverse
sub
objects
access
traversing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
EP94103585A
Other languages
German (de)
English (en)
Other versions
EP0615192B1 (fr
Inventor
Toshinari Takahashi
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Toshiba Corp
Original Assignee
Toshiba Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Toshiba Corp filed Critical Toshiba Corp
Publication of EP0615192A1 publication Critical patent/EP0615192A1/fr
Application granted granted Critical
Publication of EP0615192B1 publication Critical patent/EP0615192B1/fr
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/448Execution paradigms, e.g. implementations of programming paradigms
    • G06F9/4488Object-oriented
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y10TECHNICAL SUBJECTS COVERED BY FORMER USPC
    • Y10STECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y10S707/00Data processing: database and file management or data structures
    • Y10S707/99931Database or file accessing

Definitions

  • the present invention relates to an object traversing over a structured memory formed by linked objects such as a data file system, a virtual memory space, and a database system utilized in computers.
  • object used in this specification represents any collection of data, including not just data files and programs but also various structures for operations to be temporarily utilized in a course of executing programs.
  • a plurality of objects may be related with each other by links, and can be treated together as another object.
  • each object constituting that single object may be referred as sub-objects.
  • schemes for the object traversing over a plurality of linked objects include a scheme for sequentially tracing the links as in a hyper-text system, and a scheme for retrieving and presenting a relevant object group for a specified name as in a data file system for a computer.
  • a scheme for limiting accessible objects depending on users and a scheme for temporarily changing an access right are also known.
  • Fig. 1 shows a state in which the directory is produced by Mr. Takahashi as an object 121.
  • Mr. Takahashi as an object 121.
  • no file name is assigned to this directory file, but the file name may be assigned at this point if desired.
  • a field 1211 indicates an owner ID for an owner of this object 121, where a number "128" registered in this owner ID field 1211 represents Mr. Takahashi in this example as indicated in an entry 1311 on an ID table 131 shown in FIG. 2, while a field 1212 indicates a group ID for a group to which this object 121 belongs, where a number "320" registered in this group ID field 1212 represents the group A in this example as indicated in an entry 1312 on the ID table 131 shown in Fig. 2.
  • a field 1213 indicates the access rights assigned to the owner of this object 121, where RD, WR, and EX fields indicate the access rights for reading, writing, and execution, respectively.
  • this object 121 is data and not program, so it cannot be executed and therefore the EX field has a value "0", while the owner of this object 121 certainly can read or write this object 121, so that the RD and ER fields have values "1".
  • a field 1214 indicates the access rights for this object 121 with respect to the members of the group A.
  • this object 121 is certainly readable for the members of the group A as it is the data concerning this group A, so that the RD field has a value "1", but the WR field has a value "0" in order to protect the data of this object 121, while the EX field has a value "0" for the same reason as in the field 1213.
  • a field 1215 indicates the access rights for this object 121 with respect to those not belonging to the group A (non-members).
  • the directory of the group is a secret matter which should not be disclosed to the non-members, so that the RD field has a value "0", while the WR and EX fields have the values "0" for the same reason as in the field 1214.
  • a field 1216 indicates the actual data of the directory.
  • a pointer to the data or a block ID of a memory block storing the data may be registered, if desired.
  • a field 1411 indicates the owner ID for Mr. Takahashi in this example
  • a field 1412 indicates a group ID for a group to which this object 141 belongs, where a number "320" registered for this group ID 1412 represents the group A in this example as indicated in an entry 1312 on the ID table 131 shown in Fig. 2.
  • a field 1413 indicates the access rights assigned to the owner of this object 141 similar to the field 1213 in Fig, 1.
  • Fields 1414 and 1415 indicate the access rights for this object 141 with respect to the members and the non-members of the group A, respectively. In this case, the comments of this object 141 are not to be seen by the members as well as by the non-members of the group A, so that all the fields including the RD fields have values "0" in these fields 1414 and 1415.
  • a field 1416 indicates the actual comments of this object 141.
  • a field 1511 indicates an object name which corresponds to a file name in a usual data file system and which is "group A directory" in this example.
  • Fields 1512 and 1513 are the owner ID and the group ID similar to the fields 1411 and 1412 in Fig. 3.
  • a field 1514 indicates the access rights assigned to the owner of this object 151 similar to the field 1413 in Fig, 3 except that the WR field has a value "0" because there is no need to alter the structure of this object 151 itself even when the data and the comments for the directory are changed in future.
  • Fields 1515 and 1516 indicate the access rights for this object 151 with respect to the members and the non-members of the group A, respectively. In this case, there is no reason to hide the fact that this file "group A directory" comprises the directory itself and the comments from anybody, so that the RD fields have values "1" in these fields 1515 and 1516.
  • a field 1517 is a bit indicating a presence or absence of sub-objects, which has a value "1" in this example as there are sub-objects, while a field 1518 indicates a number of sub-objects which is indicated as 2 in this example.
  • Fields 1519 and 1520 indicate IDs of these two sub-objects, which are the IDs of he sub-objects 121 and 141, respectively, in this example.
  • the access right for reading this object 151 is also assigned to the non-members as well, so that any non-member can also traverse over the sub-objects 121 and 141 by tracing the links from this object 151, but the access rights for reading these sub-objects 121 and 141 are not assigned to the non-members, so that the contents of these sub-objects 121 and 141 cannot be read by any non-member and therefore the secrecy of the directory can be maintained.
  • Fig. 5 shows an object 161 registering a usual program for directory formatting
  • Fig. 6 shows a modified object 171 registering the similar program for directory formatting, where the identical fields of these objects 161 and 171 are given the identical reference numerals in Figs. 5 and 6.
  • a SAID (Set Address ID) 1611 is unspecified, which implies that the program registered in this object 161 is going to operate in a normal manner.
  • Fields 1613 and 1614 are the owner ID and the group ID similar to the fields 1411 and 1412 in Fig. 3.
  • Fields 1615, 1616, and 1617 indicate the access rights for the owner, the member of the group A, and the non-members, respectively, where the execution right is limited to the owner and the member of the group A, while the reading and writing rights are limited only to the owner.
  • a field 1618 registers the execution program itself which uses the object 151 of Fig. 4 as the data.
  • the modified object 171 of Fig. 6 differs from the object 161 of Fig. 5 in that a SAID 1612 has an ID "320" of the group A.
  • a SAID 1612 has an ID "320" of the group A.
  • This object 171 has the execution program 1619 in which the object 151 and the sub-objects 121 and 141 are going to be accessed by using the access rights assigned to the group A, so that the same data are going to be accessible regardless of who is executing this program, and the expected result can be obtained from this program 1619 by any member of the group A including Mr. Takahashi.
  • the above described conventional scheme can realize the object traversing using a special access right for relating the program with the data to be used by the program, but in this conventional scheme, the right to attach the SAID to the program remains uncertain. Namely, if the SAID can be attached to the program very easily, it is going to be possible to obtain the optional access rights as a result of using this program, such that the access rights attributed to each object become meaningless.
  • an object traversing apparatus for traversing an object formed by a plurality of sub-objects, comprising: memory means for storing the object with an assignment of a traverse right for each sub-object indicating who is allowed to traverse each sub-object; traverse ID list means for specifying at least one traverse IDs for identifying a user making a request to make an access to the object; traverse object selection means for selecting the sub-objects to be traversed at a time of traversing the object in response to the request from the user identified by the traverse IDs according to the traverse right assigned to the user identified by the traverse IDs in the object; and output means for outputting the sub-objects selected by the traverse object selection means as a result of the access to the object.
  • a method of object traversing for traversing an object formed by a plurality of sub-objects comprising the steps of: storing the object with an assignment of a traverse right for each sub-object indicating who is allowed to traverse each sub-object; specifying at least one traverse IDs for identifying a user making a request to make an access to the object; selecting the sub-objects to be traversed at a time of traversing the object in response to the request from the user identified by the traverse IDs according to the traverse right assigned to the user identified by the traverse IDs in the object; and outputting the sub-objects selected at the selecting step as a result of the access to the object.
  • Fig. 1 is a diagram of an object representing a directory in an exemplary conventional case.
  • Fig. 2 is a diagram of an ID list used in the exemplary conventional case.
  • Fig. 3 is a diagram of an object representing comments for the directory of Fig. 1 in the exemplary conventional case.
  • Fig. 4 is a diagram of an object for relating objects of Figs. 1 and 3 in the exemplary conventional case.
  • Fig. 5 is a diagram of an object for registering a program in the exemplary conventional case.
  • Fig. 6 is a diagram of a modified object for registering a program in the exemplary conventional case.
  • Fig. 7 is a block diagram of a first embodiment of an object traversing apparatus according to the present invention.
  • Fig. 8 is a diagram of an exemplary linked object structure handled by the apparatus of Fig. 7.
  • Fig. 9 is a diagram of a data structure for one object in the exemplary linked object structure of Fig. 8.
  • Fig. 10 is a diagram of the access right data in the data structure of Fig. 9.
  • Fig. 11 is a diagram of the traverse right data in the data structure of Fig. 9.
  • Fig. 12 is a diagram of one sub-object of the object whose data structure is shown in Fig. 9.
  • Fig. 13 is a diagram of an exemplary initial setting of the traverse ID list for one user (creator) in the apparatus of Fig. 7.
  • Fig. 14 is a diagram of an exemplary initial setting of the traverse ID list for another user (member) in the apparatus of Fig. 7.
  • Fig. 15 is a diagram of an exemplary initial setting of the traverse ID list for still another user (non-member) in the apparatus of Fig. 7.
  • Fig. 16 is a flow chart of an operation for selecting sub-objects to be traversed in the apparatus of Fig. 7.
  • Fig. 17 is a block diagram of a second embodiment of an object traversing apparatus according to the present invention.
  • Fig. 18 is a diagram of an exemplary changed setting of the traverse ID list for one user (creator) in the apparatus of Fig. 17.
  • Fig. 19 is a flow chart of an operation for selecting sub-objects to be traversed and changing traverse ID list in the apparatus of Fig. 17 in one situation.
  • Fig. 20 is a flow chart of an operation for selecting sub-objects to be traversed and changing traverse ID list in the apparatus of Fig. 17 in another situation.
  • Fig. 21 is a block diagram of a third embodiment of an object traversing apparatus incorporating an electronic mail tool according to the present invention.
  • Fig. 22 is an illustration of a document to be handled as a mail in the apparatus of Fig. 21.
  • Fig. 23 is a diagram of a data structure for the object representing the document of Fig. 22 in the apparatus of Fig. 21.
  • Fig. 24 is a diagram of an exemplary initial setting of the traverse ID list for one user (creator) in the apparatus of Fig. 21.
  • Fig. 25 is a diagram of an exemplary initial setting of the traverse ID list for another user (member) in the apparatus of Fig. 21.
  • Fig. 7 shows an overall configuration of an object traversing apparatus of this first embodiment, which comprises the following elements.
  • a virtual memory management unit 1 is a manager for making the management of inputs and outputs to and from memory devices easier.
  • the virtual memory management unit 1 manages objects 11 which are virtually stored in a virtual memory space of this apparatus, although it is not essential for the present invention to have these objects 11 to be virtually stored and any known memory management scheme may be employed instead.
  • the objects 11 may include those which are related with each other by a link 103.
  • the object data managed by this virtual memory management unit 1 are actually stored in a physical memory device 2 or a secondary memory device 3 such as a hard disk drive, a CD-ROM, or an IC card.
  • the object data can be stored into the secondary memory device 3 in a case of storing the data semi-permanently as persistent objects, as well as in a case of utilizing the secondary memory device 3 as a swapping region for the physical memory device 2.
  • the secondary memory device 3 may also be utilized in a case of carrying the object data away from this apparatus. It is also possible to construct the physical memory device 2 hierarchically by using cache memories or other means in a generally known manner.
  • the virtual memory management unit 1 is also connected with an I/O device 4 which is utilized in a case of treating the object data not actually stored in this apparatus and transmitted through telephone transmission line, radio, or network, as if they are always present in a virtual memory space of this apparatus. This can be realized by a generally known manner for managing a single virtual memory.
  • a processor 5 executes programs stored in a program memory unit 6 to carry out appropriate data processing on the object data managed by the virtual memory management unit 1.
  • This processor 5 contains usual processor elements such as registers to be utilized temporarily during the execution of the instructions, a program counter for indicating a position of the currently executed instruction in the program memory unit 6, a stack pointer for indicating a top position of stack data, etc., such that the processor 5 can execute the programs by manipulating data in these processor elements, while requesting the reading and writing of necessary data with respect to the virtual memory management unit 1.
  • An access request admission unit 7 admits access requests from the processor 5, including various data processing requests such as those for data reading, data writing, and data cancelling.
  • An argument detection unit 8 detects the arguments of each access request admitted by the access request admission unit 7, while an access request type judging unit 9 judges an access type of each access request admitted by the access request admission unit 7. Then, in a case the admitted access request is judged as a request for object reading by the access type judging unit 9, the admitted request is transmitted to an object reading execution unit 10 to be described in detail below along with the arguments detected by the argument detection unit 8.
  • a traverse ID list memory unit 12 manages a traverse ID list to be described in detail below, which may be provided for each thread, or shared among a plurality of threads.
  • an access right memory unit 13 manages access rights for the objects 11 with respect to users.
  • each of the elements of this apparatus described above may be provided with a specific server for managing it, if desired.
  • a target object retrieval unit 14 commands the reading of a target object specified by the object reading request from the virtual memory management unit 1, and stores the traverse right data list for this target object which is contained in the object data for this target object managed by the virtual memory management unit 1 into a traverse right data list memory unit 15, while supplying the retrieved target object to an object read out unit 20.
  • a traverse right data list detection unit 16 acquires the traverse right data list for the target object from the traverse right data list memory unit 15, and supplies it to a traverse object selection unit 19.
  • a traverse ID list detection unit 17 acquires a traverse ID list concerning a currently accessed process from the traverse ID list memory 12, while an access right verification unit 18 verifies whether the access rights for the target object are assigned to the currently accessed process or not according to the information stored in the access right memory unit 13.
  • the traverse object selection unit 19 judges appropriate objects to be traversed according to the information supplied from the traverse right data list detection unit 16, the traverse ID list detection unit 17, and the access right verification unit 18, by the procedure to be described in detail below, while also requesting the retrieval of additionally necessary objects to the target object retrieval unit 14.
  • the object read out unit 20 obtains necessary portions of the object data, i.e., data for all the sub-objects actually traversed, which are acquired by the recurrent operations of the elements of this object reading execution unit 10 and reads out these data to the processor 5 as a response to the object reading request.
  • Fig. 8 shows an exemplary object structure in this first embodiment in which a plurality of objects are related by links to form one meaningful file.
  • an object 201 representing a directory of a group A itself is accompanied by an object 202 representing comments attached to the directory of the object 201 by a directory creator.
  • These two objects 201 and 202 are linked to a combined object 204 representing a group A directory by links 203 such that a set of these objects 201, 202, and 204 and the links 203 can be regarded as the group A directory 205 as a whole.
  • a directory of a group B has no comment attached, so that an object 206 representing the directory of the group B itself alone is going to be an entire group B directory.
  • a directory of a group C also has no comment attached so that it may be represented by a structure similar to the directory of the group B, but here an object 207 representing a directory of the group C itself is linked to a combined object 208 representing a group C directory by a link 203 such that a set of these objects 207 and 208 and the link 203 can be regarded as the group C directory 209 as a whole, in anticipation of a possibility for adding comments later on.
  • the object 204 for the group A directory, the object 206 for the group B directory, and the object 208 for the group C directory are also linked to an object 210 representing a group directory in general by links 203 such that a set of these objects 205, 206, 209, and 210 and all the links 203 can be regarded as a generic notion of a group directory 200 as a whole.
  • ID for the object 210 is set to be IDM
  • IDs for the objects 204, 206, and 208 are set to be IDGA, IDGB, and IDGC, respectively
  • IDs for the objects 201 and 207 are set to be IDGA0 and IDGC0, respectively
  • ID for the object 202 is set to be IDGAC, in a concrete example described below.
  • the object 210 for the group directory has a data structure as shown in Fig. 9, which includes the following fields.
  • a field 301 indicates an object ID of this object 210
  • a field 302 indicates an ID of a creator of this object 210.
  • This ID of the creator corresponds to an ID of an owner in a conventional data file system, but it is not limited to a user ID and can be given by a group ID, a program number, or a thread number, if desired.
  • a field 303 indicates an access right data list which defines those who have the access rights for this object 210, which is in a form of a list of data in general.
  • the access right data list is given in a form shown in Fig. 10 which includes three access right data 304, 305, and 306.
  • the creator of this object 210 has the access rights for reading and writing, but the access right for execution is not going to be given yet, so that the access right data 304 for the creator (ID "128") has flags "R” and "W” for indicating the assignment of reading and writing access rights.
  • the access right data 305 has a flag “R” for indicating the assignment of reading access right to those who have the group ID "320" to "322”
  • the access right data 306 has a flag "R” for indicating the assignment of reading access right to a particular program identified by "program-ID”.
  • This access right data 306 indicates that the reading access right is assigned to the program having this "program-ID" provided that the execution result of this program is true.
  • the access to this object 210 is allowed only when the assignment of the access right is indicated by one of these three access right data 304, 305, and 306.
  • a field 307 indicates a traverse information for this object 210, which defines how to traverse over sub-objects at a time of traversing this object 210.
  • any desired manner of traversing can be realized by setting a program ID of an appropriate traverse control program to this traverse information field 307.
  • this traverse information field 307. Only some typical examples of such a traverse control program will be described.
  • a flag "EVERYTHING" set to the field 307 in Fig. 9 indicates that all the traversable sub-objects should be traversed. Namely, all the sub-objects for which the traverse rights are given will be sequentially read out in response to this flag.
  • This flag is provided such that those who belong to a plurality of groups can read a plurality of group directories for a plurality of groups to which they belong. In a case there is no traversable sub-object, this flag is going to cause an error called “permission denied". In this regard, it is also possible to replace this flag by another flag "EVERYTHING-SILENT" which shows a content of the group directory as an empty file when there is no traversable sub-object, without causing an error.
  • a flag "ONLYONE” may be used such that only one traversable sub-object is traversed while all the other traversable sub-objects are ignored even if they exist. This flag also causes an error when there is no traversable sub-object. In this regard, it is also possible to avoid the occurrence of an error by replacing this flag by another flag "ONLYONE-SILENT", just as in a case of the flag "EVERYTHING" described above.
  • a field 308 indicates a number of sub-objects for this object 210, which is set to be 3 in this example as there are three sub-objects 204, 206, and 208 for the object 210. These three sub-objects are identified by the IDs registered in fields 309, and each sub-object ID field 309 is accompanied by a field 310 for indicating a traverse right data list.
  • the traverse right data lists for the sub-objects Nos. 1 to 3 are given as traverse data 311 in forms shown in Fig. 11, each of which contains only one element alone.
  • the traverse rights for the sub-object No. 1 are exclusively assigned to the members of the group A identified by the group ID 320
  • the traverse rights for the sub-object No. 2 are exclusively assigned to the members of the group B identified by the group ID 321
  • the traverse rights for the sub-object No. 3 are exclusively assigned to the members of the group C identified by the group ID 322.
  • flags "R”, "W”, and "X” indicates the assignment of the traverse rights for object traversing in conjunction with reading, writing, and execution of this object 210, respectively, and in this example, the full traverse rights including all these traverse rights are given to the members of the respective groups.
  • each access right for an object indicates whether it is possible to make an access to that object or not, whereas each traverse right for a sub-object indicates whether that sub-object should be traversed automatically.
  • the access right is given but the traverse right is not given for a certain sub-object
  • the object having that certain sub-object as one of its sub-objects is straightforwardly traversed, that certain sub-object is not going to be traversed, i.e., that certain sub-object remains invisible from the user such that its presence can be concealed from the user because the traverse right is not assigned
  • the access to that certain sub-object is made by explicitly specifying that certain sub-object, that certain sub-object is accessible because the access right is assigned.
  • this flag "W” in the traverse right data 311 should not be considered as meaningless, because if this flag "W” is absent, the writing becomes impossible simply because it becomes impossible to reach to the sub-object itself by the traversing of the object, whereas when this flag "W” is present, it is possible to reach to the sub-object to check the access rights of the sub-object, and carry out an appropriate error processing.
  • the object 204 for the group A directory has a data structure as shown in Fig. 12.
  • those fields which are similar to the corresponding fields in the object 210 described above will be given the same reference numerals in the figure and their descriptions will be omitted.
  • the object 206 for the group B directory and the object 208 for the group C directory have the similar structure as this object 204 so that their descriptions will be omitted.
  • the access right data list field 303 has two access right data 312 indicating that the creator (ID: "128”) has the access rights for reading and writing, while the members of the group A (ID: "320”) has the access right for reading alone.
  • sub-object No. 1 is identified by the registered ID as the object 202 for the comments
  • sub-object No. 2 is identified by the registered ID as the object 201 for the directory itself.
  • these sub-objects have the traverse right data list fields 310 which contain the traverse data 313 indicating the full traverse rights for the creator (ID: "128”) and the members of the group A (ID: "320”), respectively.
  • the traverse ID list is set up in the traverse ID list memory unit 12.
  • the user can set any desired number of traverse IDs to the traverse ID list.
  • the traverse rights for the IDs to which the user himself does not belong are usually meaningless to the user, so that all the IDs to which the user himself currently belongs are usually set as a default setting.
  • the initial setting 61 of the traverse ID list has three traverse IDs 611 as shown in Fig. 13. It is of course possible to set any other setting as the initial setting of the traverse ID list, if desired.
  • the traverse information field 307 has the flag "EVERYTHING"
  • it proceeds to traverse the next sub-object No. 2 of this object 204.
  • the traverse right for reading is assigned to the ID "320" to which this user belongs according to the traverse right data 313 registered in the traverse right data list field 310, so that the sub-object No. 2 of this object 204 is also going to be traversed.
  • the initial setting 61 of the traverse ID list has three traverse IDs 611 as shown in Fig. 14.
  • the traverse data does not matches with any one of the traverse IDs 611 in the traverse ID list, such that the sub-object No. 1 of the object 204 is not going to be traversed. Consequently, the object 204 is going to be presented to this user as if it includes only one sub-object 201 for the directory itself.
  • the initial setting 61 of the traverse ID list has two traverse IDs 612 as shown in Fig. 15.
  • both of the sub-objects Nos. 1 and 2 are not going to be traversed as there is no traverse right assigned to these IDs "130" and "321". Consequently, the object 204 is going to be presented to this user as if it is an empty file without a content.
  • this ID: "128” is registered in the access right data list field 303 of this object 210 as shown in Fig. 10 so that this object 210 is accessible, and according to the data of this object shown in Fig. 9, it can be recognized that there are three sub-objects for this object 210.
  • the user with the ID: "128" can obtain the group A directory itself and the comments for this group A directory together as an uninterrupted data by making an access to the object 210,
  • the process for selecting the sub-object to be traversed recurrently can be carried out according to the flow chart of Fig. 16 as follows.
  • the initial setting 61 of the traverse ID list is made in a manner described above.
  • a number of sub-objects of this object is set to a variable number N at the step 1103, and whether this number N is equal to zero or not is determined at the step 1104. If this number N is equal to zero, there is no sub-object to traverse further, so that the process terminates. Otherwise next at the step 1105, whether an N-th sub-object is traversable for this user or not is judged by checking the traverse right data list of the N-th sub-object. If this N-th sub-object is not traversable, the variable number N is updated to N-1, and the process returns to the step 1104 described above.
  • the object traversing of this N-th sub-object is started.
  • this N-th sub-object contains further sub-objects for itself, the recurrent call for this N-th sub-object is made and the process returns to the start to repeat this operation of Fig. 16 for the N-th sub-object recurrently.
  • the traverse procedure is specified in each object itself without requiring a special definition in individual application program, so that the flexible representations of the objects can be utilized in a very natural fashion from each application program.
  • this object traversing scheme of the first embodiment is suitable for the development of a new type of program in which the access rights of the objects as well as the appearances of the objects from the users must be specified in complicated manners, such as a program required by the cooperative operation support system that has become popular in recent years.
  • this first embodiment resolves the conventional problem arising from the fact that, when the different access rights are set up different objects forming a single combined object, the operation of the program is going to be changed from one thread to another, and this irregularity of the program operation make it very difficult to carry out the debugging.
  • the object traversing apparatus has an overall configuration as shown in Fig. 17, where those elements which are equivalent to the corresponding elements in the first embodiment of Fig. 7 are given the same reference numerals in the figure and their descriptions are omitted.
  • Fig. 17 for the second embodiment differs from that of Fig. 7 for the first embodiment in that the object reading execution unit10 further incorporates a traverse ID list changing unit 21 for dynamically changing the traverse ID list, which is connected between the traverse object selection unit 19 and the traverse ID list memory unit 12. More specifically, this traverse ID list changing unit 21 either adds or deletes the traverse ID in the traverse ID list stored in the traverse ID list memory unit 12 according to the selection of the sub-object to be traversed made by the traverse object selection unit 19.
  • the traverse object selection unit 19 also functions to judge the access right for accessing the traversed object while traversing the object, and commands the traverse ID list changing unit 21 to change the traverse ID list such that the access to the traverse object can be made with an appropriate access right.
  • the traverse right data list defines the traverse right only for the ID: "320”, so that the traverse IDs other than this ID "320" in the traverse ID list are unnecessary. Consequently, the traverse ID list changing unit 21 deletes these unnecessary traverse IDs from the traverse ID list at a time of traversing this sub-object No. 1.
  • the traverse ID list of Fig. 13 is going to be changed to a state shown in Fig. 18 in which the traverse IDs "128" and "340" are disconnected to leave only the traverse ID "320" as an active one.
  • the traverse ID list is changed to set only this ID: "320" as a proper traverse ID so as to suppress a stronger traverse right corresponding to the access right assigned to the ID: "128".
  • the traverse right data list 310 of the sub-object No. 1 defines the traverse right 313 for the ID: "128" which is the ID of the current user, but since the current traverse ID list does not have this ID: "128" active as a result of the changing described above, so that the traversing of this sub-object No. 1 which is the object 202 for the comments is not going to be carried out.
  • the traverse right data list 313 of the sub-object No. 2 defines the traverse right for the ID: "320" which is also active in the current traverse ID list, so that the traversing of this sub-object No. 2 which is the object 201 for the directory itself is going to be carried out.
  • the user with the ID "128" (creator) can read out the content of only the object 201 for the directory itself by making an access to the object 210 for the group directory in general, without reading out the content of the object 202 for the comments under the stronger traverse rights originally assigned to this user.
  • This is in contrast to the conventional case in which both of the objects 201 and 202 are always traversed as this user has the access rights for both of these objects, unless some special right for accessing the objects is defined on the program side. Consequently, this second embodiment can be utilized by this user conveniently in a case of printing the directory by using a program unaware of the presence of the comments.
  • the process for selecting the sub-object to be traversed and changing the traverse ID list can be carried out according to the flow charts of Figs. 19 and 20 as follows.
  • the initial setting 61 of the traverse ID list is made in a manner described above.
  • a top element in the current traverse ID list is set to a pointer P at the step 1003
  • a number of sub-objects of this object is set to a variable number N at the step 1004, and whether this number N is equal to zero or not is determined at the step 1005. If this number N is equal to zero, there is no sub-object that can be traversed by the traverse ID set to the pointer P, so that the this traverse ID is deleted from the traverse ID list at the step 1009, and the process proceeds to the step 1010 next.
  • step 1006 whether an N-th sub-object is traversable for this user or not is judged by checking the traverse right data list of the N-th sub-object. If this N-th sub-object is not traversable, the variable number N is updated to N-1 at the step 1007, and the process returns to the step 1005 described above.
  • step 1010 whether any other traverse ID is left in the traverse ID list or not is determined. If there is another traverse ID in the traverse ID list, the next element in the current traverse ID list is set to the pointer P at the step 1008 and the process returns to the step 1004 described above, whereas otherwise the process proceeds to the step 1011.
  • a number of sub-objects of this object is set to a variable number N again, and whether this number N is equal to zero or not is determined at the step 1012. If this number N is equal to zero, there is no sub-object to traverse further, so that the process terminates.
  • step 1013 whether an N-th sub-object is traversable for this user or not is judged by checking the traverse right data list of the N-th sub-object. If this N-th sub-object is not traversable, the variable number N is updated to N-1 at the step 1014, and the process returns to the step 1012 described above.
  • the current traverse ID list is saved in a stack at the step 1015, and the object traversing of this N-th sub-object is started at the step 1016.
  • the recurrent call for this N-th sub-object is made and the process returns to the start to repeat this operation of Fig. 19 for the N-th sub-object recurrently.
  • the saved traverse ID list is taken out from the stack, and then at the step 1018, whether the traverse information field 307 in the data for this object indicates the flag "EVERYTHING" or not is determined. If not, the process terminates, whereas otherwise the process returns to the step 1014 described above.
  • the initial setting 61 of the traverse ID list is made in a manner described above.
  • a number of sub-objects of this object is set to a variable number N at the step 1103, and whether this number N is equal to zero or not is determined at the step 1104. If this number N is equal to zero, there is no sub-object to traverse further, so that the process terminates. Otherwise next at the step 1105, whether an N-th sub-object is traversable for this user or not is judged by checking the traverse right data list of the N-th sub-object. If this N-th sub-object is not traversable, the variable number N is updated to N-1, and the process returns to the step 1104 described above.
  • the current traverse ID list is saved in a stack at the step 1107, and the traverse ID not contained in the traverse right data list for this N-th sub-object is deleted from the traverse ID list in the stack at the step 1108. Then, the object traversing of this N-th sub-object is started at the step 1109. At this point, if this N-th sub-object contains further sub-objects for itself, the recurrent call for this N-th sub-object is made and the process returns to the start to repeat this operation of Fig. 20 for the N-th sub-object recurrently.
  • the saved traverse ID list is taken out from the stack at the step 1110, and whether the traverse information field 307 in the data for this object indicates the flag "EVERYTHING" or not is determined at the step 1111. If not, the process terminates, whereas otherwise the process returns to the step 1106 described above.
  • the user with the ID: "128” can traverse all the sub-objects of the object 204 by making an access to this object 204 explicitly to utilize the full traverse rights assigned to this user as in the first embodiment described above, while this user can also make an access to this object 204 by the traverse right assigned to the group ID: "320" by simply making an access to the object 210 for the group directory in general as the traverse right is changed at a time of traversing the sub-object 204 of this object 210.
  • the object traversing procedure can be defined for each object separately, while it is also possible to select the objects to be traverse appropriately and changing the traverse ID list according to this selection, so that the object traversing procedure can be defined flexibly and the protection of the objects can be achieved easily.
  • the object traversing is carried out for all these objects under the uniform traverse right, rather than the traverse right resulting from a combination of the separate traverse rights of these objects, so that it becomes possible to prevent the occurrence of the object traversing procedure unintended by the creator of these objects.
  • the traverse rights in places of the usual access rights by setting a limitation that the ID not belonging to the creator of the object cannot be added to the traverse ID list at a time of changing the traverse ID list, while preventing the improper access to the object by abusing the special object traversing procedure.
  • the object traversing apparatus incorporating the electronic mail tool has an overall configuration as shown in Fig. 21, where those elements which are equivalent to the corresponding elements in the second embodiment of Fig. 17 are given the same reference numerals in the figure and their descriptions are omitted.
  • the electronic mail tool portion comprises an electronic mail producing unit 30 to be used at a time of producing and transmitting an electronic mail, and an electronic mail receiving unit 40 to be used at a time of receiving and reading an electronic mail.
  • the electronic mail producing unit 30 includes a document input unit 31 for entering a document for making up a content of an electronic mail to be transmitted, and an object producing unit 32 for receiving the document entered at the document input unit 31 and requesting the virtual memory management unit 32 to store the received document in a form of a document object.
  • the document may be given in general data forms such as images, speeches, database, etc.
  • the electronic mail of this third embodiment is not necessarily limited to the conventionally known mail, and can be any desired data in general which are to be transmitted from one person to another.
  • the presentation documents as well as video data of the conference room can be included within the electronic mail of this third embodiment.
  • the electronic mail producing unit 30 also includes a traverse right data list producing unit 33 for receiving desired traverse rights to a part or a whole of the documents entered at the document input unit 31 in accordance with commands entered by a user at the document input unit 31, and requesting the object producing unit 32 to set up the desired traverse rights accordingly.
  • This operation to set up the traverse rights usually includes the division of the object into sub-objects.
  • the electronic mail producing unit 30 further includes an object transmission unit 34 for transmitting the document object produced by this electronic mail producing unit 30 and stored by the virtual memory management unit 1 by specifying a mail address 50 of an intended receiver.
  • an object transmission unit 34 for transmitting the document object produced by this electronic mail producing unit 30 and stored by the virtual memory management unit 1 by specifying a mail address 50 of an intended receiver.
  • the transmission of the mail is notified to the intended receiver, or a data transmission to the other computer is carried out through a network if necessary in accordance with the mail address 50 of the intended receiver.
  • This operation of the object transmission unit 34 can be realized by a conventionally known program called "sendmail".
  • the electronic mail so produced in this electronic mail producing unit 30 can be read by the others according to the appropriate traverse rights and access rights set up to it, but in this third embodiment, the electronic mail is going to be transmitted from a sender to a receiver as in a conventional electronic mail tool.
  • the electronic mail receiving unit 40 includes an object receiving unit 41 for detecting an arrival of the electronic mail, and a mail reading unit 42 for commanding the processor 5 to read the document object of the received electronic mail when the object receiving unit 41 detects the arriving electronic mail.
  • the reading of the document object can be carried out by the object reading execution unit 10 similarly as described for the second embodiment above.
  • the electronic mail receiving unit 40 also includes a traverse ID list specifying unit 43 for specifying the traverse ID list to be used at a time of reading the received electronic mail according to the commands entered by a user who wishes to read the received electronic mail, and a traverse ID list setting unit 44 for writing the traverse ID list specified at the traverse ID list specifying unit 43 into the traverse ID list memory unit 12.
  • the traverse ID list only indicates under whose traverse right should this mail be read, and obviously a user cannot read any mail (such as those addressed to the others) for which an access right is not assigned.
  • the electronic mail receiving unit 40 further includes a default traverse ID list specifying unit 45 for specifying the default traverse ID list according to a current situation to the traverse ID list setting unit 44, so as to omit a possibly tedious operation to specify the traverse ID list at the traverse ID list specifying unit 43 every time the user wishes to read the received electronic mail.
  • the default traverse ID list is determined according to the mail address 50 transmitted from the object transmission unit 34 to the object receiving unit 41, although it may be specified by using an environment setting file to be customizable. For example, in a case the electronic mail is addressed to all the members of the group A, the default traverse ID list enlists the traverse ID for the members of the group A alone. The user can enter the commands for changing the setting of the default traverse ID list to this default traverse ID list specifying unit 45 according to the user's preference or the need.
  • the electronic mail receiving unit 40 further includes a mail display unit 46 for displaying the electronic mail read out by the processor 5 and transmitted through the mail reading unit 42. It is also possible to request the change of the traverse ID list to the traverse ID list specifying unit 43 after reading the mail at this mail display unit 46 under a certain traverse right, and then read the same mail again under a different traverse right if possible.
  • a leader of a certain group produced a document 100 as shown in Fig. 22 which contains plans for the current term about the project A and the project B.
  • attributes concerning the traverse rights to the produced document, as indicated on a right margin of the document 100 itself.
  • the leader intended this document 100 to be a classified one, and wished to disclose the plan of each project only to those participating in each project.
  • the upper half concerning the project A is designated as a project A section for which the traverse right is to be assigned to the participants of the project A alone, while the lower half concerning the project B is designated as a project B section for which the traverse right is to be assigned to the participants of the project B alone.
  • the comment at the end of the project A section is specifically designated as a personal section for which the traverse right is to be assigned to the leader alone, as the content of this section relates to the privacy of the individual person.
  • the electronic mail producing unit 30 produces the data structure shown in Fig. 23 incorporating the appropriate traverse right data lists.
  • the fields of the object data 211 and 212 similar to those used in the first and second embodiments described above but not included in Fig. 23 are omitted only because they are not directly relevant to the operation in this third embodiment, and these fields should be considered as similarly provided in the object data 211 and 212.
  • the leader belongs to both of the projects A and B, so that the full traverse right for the entire document 100 is given to the leader, while the traverse right for each section designated to each project is assigned only to the participant of each project as indicated by the traverse right data lists 315.
  • the document 100 is divided into three parts 100-1, 100-2, and 100-3 according to the traverse right setting, and the parts 100-1 and 100-2 are regarded as sub-objects of an object 212, while this object 212 and a part 100-3 are regarded as sub-object of an object 211 for the entire document 100.
  • the object data 211 and 212 instead of the sub-object IDs used in the first and second embodiments described above, the object data 211 and 212 have position pointer fields 314 for registering pointers to the sub-objects.
  • the leader sends this document 100 as an electronic mail to all the member of the group including the participants of the project A and the participants of the project B.
  • the object traversing of the document object 211 can be carried out at a time of transmitting the electronic mail from the electronic mail producing unit 30, or at a time of reading the received electronic mail at the electronic mail receiving unit 40, or both.
  • a case of the object traversing at the electronic mail receiving unit 40 side will be described as an example.
  • this member-1 sets up the initial setting 316 of the traverse ID list as shown in Fig. 24 which includes the ID: "PROJ.A” of the project A and the own ID: "MEMBER1".
  • this initial setting 316 any other IDs may also be included if desired, but such other IDs are omitted as they are irrelevant here.
  • the object traversing of the document object 211 is carried out under the traverse right for the project A alone, so that only the document-1 part 100-1 can be accessed by the procedure similar to that in the first and second embodiments described above, such that this member-1 can read only the document-1 100-1 concerning the project A.
  • this member can read only the document-3 100-3 concerning the project B.
  • this member-2 sets up the initial setting 317 of the traverse ID list as shown in Fig. 25 which includes the ID: "PROJ.A” of the project A, the ID: “PROJ.B” of the project B, and the own ID: "MEMBER2". Then, the object traversing of the document object 211 is carried out under the traverse rights for the project A and the project B, and the traverse information field 307 has the flag "EVERYTHING" in this example, so that this member-2 can read the contents of both the document-1 100-1 concerning the project A and the document-3 100-3 concerning the project B as a single connected document.
  • this third embodiment can provide a number of considerable merits as follows.
  • the accesses to the same object under the distributed computer environment can be made by using the same address, so that the transmission of the electronic mail in this system can be realized by simply handing the pointer to the mail object.
  • the mail object data must be modified for each receiver in the conventional electronic mail tool so that an extra memory capacity is required for each mail object, but the simple handing of the pointer to the mail object also suffices for the electronic mail tool of this third embodiment, so that the performance of the system as a whole can be improved considerably.
  • the efficiency and the effectiveness of the electronic mail tool can be improved considerably for even a very simple situation, and even higher effect can be expected for a case of dealing with a complicated object combining a number of objects.

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)
EP94103585A 1993-03-09 1994-03-09 Procédé et appareil de traversée d'objet adaptés à une mémoire structurée formée d'objets enchaînés Expired - Lifetime EP0615192B1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP48159/93 1993-03-09
JP4815993 1993-03-09

Publications (2)

Publication Number Publication Date
EP0615192A1 true EP0615192A1 (fr) 1994-09-14
EP0615192B1 EP0615192B1 (fr) 1997-05-28

Family

ID=12795608

Family Applications (1)

Application Number Title Priority Date Filing Date
EP94103585A Expired - Lifetime EP0615192B1 (fr) 1993-03-09 1994-03-09 Procédé et appareil de traversée d'objet adaptés à une mémoire structurée formée d'objets enchaînés

Country Status (3)

Country Link
US (1) US5574901A (fr)
EP (1) EP0615192B1 (fr)
DE (1) DE69403367T2 (fr)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2295909A (en) * 1994-12-07 1996-06-12 Fujitsu Ltd Managing files shared by users
WO2001048634A2 (fr) * 1999-12-27 2001-07-05 Texar Software Corp. Repertoire d'attribut de ressource virtuel
GB2361334A (en) * 2000-04-13 2001-10-17 Int Computers Ltd Content store management
FR2896602A1 (fr) * 2006-01-26 2007-07-27 Commissariat Energie Atomique Procede de gestion de documents electroniques

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5913032A (en) * 1994-04-04 1999-06-15 Inprise Corporation System and methods for automatically distributing a particular shared data object through electronic mail
US7079177B2 (en) * 1995-02-27 2006-07-18 Canon Kabushiki Kaisha Remote control system and access control method for information input apparatus with limitation by user for image access and camemremote control
US5737554A (en) * 1995-10-31 1998-04-07 Apple Computer, Inc. System and method of using object sensitivity for selecting computer-generated objects
JPH09190411A (ja) * 1996-01-12 1997-07-22 Nec Corp 共有アプリケーションプログラムにおける操作権連動方式及び協同作業システム
US5842219A (en) * 1996-03-14 1998-11-24 International Business Machines Corporation Method and system for providing a multiple property searching capability within an object-oriented distributed computing network
JP3579240B2 (ja) * 1998-02-13 2004-10-20 富士通株式会社 電子メール装置及び電子メールプログラムを記録したコンピュータ読取可能な記録媒体
US7571170B2 (en) * 2005-10-04 2009-08-04 Kyocera Mita Corporation Electronic device, method for data management, and program recording medium
US10866963B2 (en) 2017-12-28 2020-12-15 Dropbox, Inc. File system authentication

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0398645A2 (fr) * 1989-05-15 1990-11-22 International Business Machines Corporation Système pour contrôler des privilèges d'accès

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4621321A (en) * 1984-02-16 1986-11-04 Honeywell Inc. Secure data processing system architecture
US4956769A (en) * 1988-05-16 1990-09-11 Sysmith, Inc. Occurence and value based security system for computer databases
US5263157A (en) * 1990-02-15 1993-11-16 International Business Machines Corporation Method and system for providing user access control within a distributed data processing system by the exchange of access control profiles
US5423034A (en) * 1992-06-10 1995-06-06 Cohen-Levy; Leon Network file management with user determined hierarchical file structures and means for intercepting application program open and save commands for inputting and displaying user inputted descriptions of the location and content of files

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0398645A2 (fr) * 1989-05-15 1990-11-22 International Business Machines Corporation Système pour contrôler des privilèges d'accès

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
ALMES ET AL.: "Edmas: an object-oriented, locally distributed mail system", IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, vol. SE-13, no. 9, September 1989 (1989-09-01), NEW YORK US, pages 1001 - 1009 *
NEMETH ET AL.: "UNIX system administration handbook", 1989, PTR PRENTICE HALL, ENGLEWOOD CLIFFS, NEW JERSEY 07632, US *

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2295909A (en) * 1994-12-07 1996-06-12 Fujitsu Ltd Managing files shared by users
US5724578A (en) * 1994-12-07 1998-03-03 Fujitsu Limited File managing system for managing files shared with a plurality of users
GB2295909B (en) * 1994-12-07 1999-09-29 Fujitsu Ltd File managing system for mananging files shared with a plurality of users
WO2001048634A2 (fr) * 1999-12-27 2001-07-05 Texar Software Corp. Repertoire d'attribut de ressource virtuel
WO2001048634A3 (fr) * 1999-12-27 2004-02-26 Texar Software Corp Repertoire d'attribut de ressource virtuel
GB2361334A (en) * 2000-04-13 2001-10-17 Int Computers Ltd Content store management
FR2896602A1 (fr) * 2006-01-26 2007-07-27 Commissariat Energie Atomique Procede de gestion de documents electroniques
WO2007085768A1 (fr) * 2006-01-26 2007-08-02 Commissariat A L'energie Atomique Procede de gestion de documents electroniques
US9292703B2 (en) 2006-01-26 2016-03-22 Commissariat A L'energie Atomique Et Aux Energies Alternatives Electronic document management method

Also Published As

Publication number Publication date
DE69403367D1 (de) 1997-07-03
US5574901A (en) 1996-11-12
DE69403367T2 (de) 1997-10-09
EP0615192B1 (fr) 1997-05-28

Similar Documents

Publication Publication Date Title
US6289458B1 (en) Per property access control mechanism
US6446093B2 (en) Document sharing management method for a distributed system
US6928439B2 (en) Computer system with access control mechanism
US7783737B2 (en) System and method for managing supply of digital content
JP2996937B2 (ja) サーバ
JP4876734B2 (ja) 文書利用管理システム及び方法、文書管理サーバ及びそのプログラム
US7386546B1 (en) Metadirectory namespace and method for use of the same
US6392669B1 (en) Schedule management system and method for displaying, managing, and changing a schedule and recording medium for storing the same
US6606633B1 (en) Compound document management system and compound document structure managing method
US8862624B2 (en) Access control to resource content
US6665675B1 (en) Shared file system having a token-ring style protocol for managing meta-data
US5884308A (en) Updating distributed data files using active token distributed at different times to different sites
US5574901A (en) Method and apparatus for object traversing suitable for structured memory formed by linked objects
JPH04310188A (ja) 文書/画像ライブラリのためのライブラリサービス方法
JPH08161215A (ja) ファイル管理システム
JP2000004225A (ja) ネットワークシステム、送受信方法、送信装置、受信装置、および、記録媒体
US7958146B2 (en) Using a calculation expression to define and control access rights for records in a database
US7533157B2 (en) Method for delegation of administrative operations in user enrollment tasks
JP2003280990A (ja) 文書処理装置及び文書を管理するためのコンピュータプログラム
JP2007509410A (ja) コンピュータネットワークにおいて集約されたデータビューを生成するためのシステムおよび方法
JP3623979B2 (ja) オブジェクト走査装置及び方法
JPWO2004109517A1 (ja) ストレージ管理プログラムおよびファイル処理プログラム
JP4093811B2 (ja) ユーザアクセス権制御装置及び方法
JP2006172377A (ja) ワークフローシステムおよび関連権限設定方法およびプログラムおよび記録媒体
US20070011166A1 (en) Method and apparatus for providing multi-view of files depending on authorization

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 19940309

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): DE FR GB

17Q First examination report despatched

Effective date: 19941219

GRAG Despatch of communication of intention to grant

Free format text: ORIGINAL CODE: EPIDOS AGRA

GRAH Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOS IGRA

GRAH Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOS IGRA

GRAA (expected) grant

Free format text: ORIGINAL CODE: 0009210

AK Designated contracting states

Kind code of ref document: B1

Designated state(s): DE FR GB

REF Corresponds to:

Ref document number: 69403367

Country of ref document: DE

Date of ref document: 19970703

ET Fr: translation filed
PLBE No opposition filed within time limit

Free format text: ORIGINAL CODE: 0009261

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: NO OPPOSITION FILED WITHIN TIME LIMIT

26N No opposition filed
REG Reference to a national code

Ref country code: GB

Ref legal event code: IF02

REG Reference to a national code

Ref country code: GB

Ref legal event code: 746

Effective date: 20070317

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: GB

Payment date: 20080305

Year of fee payment: 15

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: FR

Payment date: 20080311

Year of fee payment: 15

Ref country code: DE

Payment date: 20080306

Year of fee payment: 15

GBPC Gb: european patent ceased through non-payment of renewal fee

Effective date: 20090309

REG Reference to a national code

Ref country code: FR

Ref legal event code: ST

Effective date: 20091130

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: DE

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20091001

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: GB

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20090309

Ref country code: FR

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20091123